jquery - API skips authenticity verification with versionist gem -

February 15, 2012

i trying implement verify authenticity rails app, seems rails feature

and can't figure out callback failing...

so here applicaiton controller:

class applicationcontroller < actioncontroller::base protect_from_forgery end

here api controller:

class v1::managerleadscontroller < applicationcontroller   def create     manager_lead = managerlead.create!(manager_lead_params)     render json: manager_lead   end    private   def manager_lead_params     params.require(:manager_lead).permit(:first_name, :last_name, :email, :phone, :company,        :format, :requested_date, :meeting_type, :has_complited_wholesale_investor_form     )   end end

and here logs:

started post "/api/v1/manager_leads" 127.0.0.1 @ 2014-10-24 10:29:46 +1100 processing v1::managerleadscontroller#create json   parameters: {"manager_lead"=>{"first_name"=>"", "last_name"=>"", "email"=>"", "phone"=>"", "company"=>"", "meeting_type"=>""}} can't verify csrf token authenticity    (0.1ms)  begin   sql (0.3ms)  insert "manager_leads" ("company", "created_at", "email", "first_name", "last_name", "meeting_type", "phone", "updated_at") values ($1, $2, $3, $4, $5, $6, $7, $8) returning "id"  [["company", ""], ["created_at", "2014-10-23 23:29:46.833290"], ["email", ""], ["first_name", ""], ["last_name", ""], ["meeting_type", ""], ["phone", ""], ["updated_at", "2014-10-23 23:29:46.833290"]]    (7.6ms)  commit completed 200 ok in 23ms (views: 0.4ms | activerecord: 9.4ms)

can't verity csrf token authenticity, request completed 200ok response :(

if this:

if verified_request?   manager_lead = managerlead.create!(manager_lead_params)   render json: manager_lead else   render json: { error: 'unprocessed entity' }, status: 422 end

then app starts work alright:

started post "/api/v1/manager_leads" 127.0.0.1 @ 2014-10-24 10:30:59 +1100 processing v1::managerleadscontroller#create json   parameters: {"manager_lead"=>{"first_name"=>"", "last_name"=>"", "email"=>"", "phone"=>"", "company"=>"", "meeting_type"=>""}} can't verify csrf token authenticity completed 422 unprocessable entity in 3ms (views: 0.1ms | activerecord: 0.0ms)

i'm using

rails 4.1.5 versionist gem jquery-ui-rails # form submission

ok reply was:

protect_from_forgery with: :exception

jquery ruby-on-rails ruby authentication csrf

Search This Blog

New Th

jquery - API skips authenticity verification with versionist gem -

Comments

Post a Comment

Popular posts from this blog

xslt - DocBook 5 to PDF transform failing with error: "fo:flow" is missing child elements. Required content model: marker* -

mediawiki - How do I insert tables inside infoboxes on Wikia pages? -

Local Service User Logged into Windows -